提交 f8556919 编写于 作者: S Steffen Klassert

xfrm6: Fix the nexthdr offset in _decode_session6.

xfrm_decode_session() was originally designed for the
usage in the receive path where the correct nexthdr offset
is stored in IP6CB(skb)->nhoff. Over time this function
spread to code that is used in the output path (netfilter,
vti) where IP6CB(skb)->nhoff is not set. As a result, we
get a wrong nexthdr and the upper layer flow informations
are wrong. This can leed to incorrect policy lookups.
Signed-off-by: NSteffen Klassert <steffen.klassert@secunet.com>
上级 de3b7a06
...@@ -134,8 +134,14 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse) ...@@ -134,8 +134,14 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse)
u16 offset = sizeof(*hdr); u16 offset = sizeof(*hdr);
struct ipv6_opt_hdr *exthdr; struct ipv6_opt_hdr *exthdr;
const unsigned char *nh = skb_network_header(skb); const unsigned char *nh = skb_network_header(skb);
u8 nexthdr = nh[IP6CB(skb)->nhoff]; u16 nhoff = IP6CB(skb)->nhoff;
int oif = 0; int oif = 0;
u8 nexthdr;
if (!nhoff)
nhoff = offsetof(struct ipv6hdr, nexthdr);
nexthdr = nh[nhoff];
if (skb_dst(skb)) if (skb_dst(skb))
oif = skb_dst(skb)->dev->ifindex; oif = skb_dst(skb)->dev->ifindex;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册